how's it going everyone I'm Ben Mills principal products assessed architect with service now and I'm happy to be presenting you with the new video series that we're putting together for integrating service now with Microsoft 365 for Asset Management use cases integrating your service now instance with M365 will enable you to track your software subscriptions and software usage to determine license compliance and Acton optimization opportunities we are going to be joined by fellow Rangers Randy Scrapper and Sean Walker as they provide step-by-step guidance through each phase of the M365 setup process now before we get started with the integration process it is important that we ensure all prerequisites are in place for the M365 integration the Microsoft Publisher pack will provide customers with enhanced capabilities for license tracking optimization and visibility specific to Microsoft products the itm health check will help by reviewing and scoring data points and configurations of your M365 integration to provide visibility into any discrepancies that need to be remediated the item health check can be found in the service now store for pre- Wasington customers we want to make sure that the SAS license management plug-in is installed as is as it is used in the creation and management of sass Integrations in Sam Pro the Microsoft intra ID spoke which is also available in the service now store is used to automate actions like the removal of software and other use cases through the integration this spoke does require an integration Hub subscription and finally we're going to want to make sure that we have the latest in greatest content values and mappings with that out of the way let's begin part one of this video series Sean and Randy are going to be taking us through the steps of registering a Microsoft Azure ad application why is this important in short this step is important for configuring the necessary API permissions for your app which will allow it to securely access your Microsoft resources okay so now I'm going to log into the Azure portal so I've C cop the link from the document that Randy sent me and I'm going to log in with my Global administrator P permissions so to make a register an application in Azure I need Global admin privileges okay just going to see you can see my screen here here okay excellent so once you open up the registration page you want to select new registration okay and and we're going to go ahead and name the form so we're itam Rangers so we are going to name this itam Ranger 365 integration so it'll be nice and easy for uh us to find integration if I could spell that would help okay next in the next section we're going to do supported types now there's three different types here to select we're going to go ahead and and select the multi-tenant one so this one right here okay and then select register that's it just register okay now this will take you back to the overview page where we'll want to copy the client ID and the client kenet ID field you cop this right here okay so I'm copying the application client ID and I'm going to paste this just on another screen here so I have it I better make a note of what it is so this is the client ID and then you also said the tenant ID right so the directory tenant ID directory tenant yes sir okay so I've copied that again I'm going to my other screen here and going to paste that and call this tenant ID okay I've got those copied excellent now the next thing we need to do is generate a secret a client secret for your application or for the application so let's ma let's go over uh navigate to manage and then certificate and secrets certificate and secrets okay we're going to hit the new client secret okay oh that's pretty straightforward so we're going to do the same thing call this one itam Ranger 365 integration now what about this one Randy like this say expires it's recommended 180 days what does that mean this is something that we it is driven by your company or the company's policy now what this does is it will uh set up this connection for a one-year period a two-year period or it will never EXP fire uh if it do set it up for one year you'll have to remind yourself to come back within that you know at the end of that one year to uh reenable this or this connection will will be broken oh so it's not going to remind me automatically what'll happen if if the connection's broken do you know then the then the jobs will start to fail oh okay yeah it's definitely a good note um to put down then so what so we'll just leave it the default for now since we're just doing a test and we'll leave it at default 6 months okay EXC then go ahead and add okay so the next thing you want to do is you want to copy the value uh of the newly generated secret thing and it's the value not the ID all right so making sure I copy the value so everybody notice that you know as much as I thought I was about to go and copy this one here that said secret ID but it's actually the value that I need to copy so again I'm going to go to my other screen here I'm going to paste that down I'm going to put um note for myself this is the secret value so I know which one it is okay good I've got that copied now all right now we need to to specify the level of access uh that the application has through your protected resources so let's navigate over to manage and API permissions okay so we do add a permission all right uh once that opens up you want to select Microsoft API yeah up here yeah and then you want to select Microsoft graph okay from there you want to select application permissions that makes sense now from here you're going to need to add three different permissions you're going to want to add reports read all user read all and organization read all okay so reports underneath reports I can see okay read all and then I'm going to add you said user user was it read all right so here's user read all and the other last one I think was organization right correct organization read all okay and I you go ahead add permissions okay oh and there's here it does it does one delegated anyway so this one came in from the profile itself this is nothing I picked it's just sort of the default so excellent as we see this you do see those warning signs so the state uh is not granted a consent yet so we want to go ahead and Grant admin consent on these application so there's a little check box right above description oh yeah right here yeah Grant permission yeah that's pretty important Grant admin consent yes we do so we're basically giving the application permissions so even though we set the permissions we still have to Grant it permissions and only a global administrator can grant permissions okay excent so now we're so now we're done we successfully registered our application now we just need to uh set up access in the powerbi in the API service so that'll be our next couple videos so all right please look out for them thanks